Embodiments of this invention relate in general to electronic devices. More specifically, embodiments of this invention relate to electronic devices that require zeroization to protect stored sensitive information from being wrongfully acquired.
In mission critical electronic devices zeroization is executed to delete potentially sensitive or sensitive information from the memory before the device falls into the wrong hands or more specifically into the control of someone who should not have access to the information. While the zeroization capability is a necessity for electronic devices used by the military, homeland security or state and local police departments, such capability is also desirable for private security guards, corporate executives or others who wish to protect information stored in their electronic device.
Zeroization is a process of scrubbing memory to remove sensitive information stored in an electronic device. The memory scrubbing process includes any device or location where sensitive data may be stored.
Activation of a key or a button on the faceplate of the electronic device by an operator typically triggers, or initiates, the zeroization process. In other prior art electronic devices, zeroization occurs when the operator types in a special code. However, if an operator is unable to activate the key or button or is, for some reason, incapacitated and unable to enter the code, the sensitive information may be needlessly exposed. In other instances, even if the operator is able to manually initiate the zeroization process, the electronic device may be fully or partially inoperable thereby making it impossible to initiate the zeroization process. Clearly, there is a need to ensure that zeroization is not dependant on an operator to initiate the zeroization process.
In still other prior art devices, the zeroization process is initiated when the outer case of the electronic device is tampered with or when the temperature exceeds a selected temperature. In such devices, simply removing the power before beginning the forensic recovery of the sensitive information may defeat the zeroization mechanism. The ability for someone to open a module's cover and access sensitive information in memory before zeroization depends heavily on the design and configuration and the time between tamper detection and zeroization can be on the order of a few milliseconds to several seconds. Thus, the immediate zeroization of sensitive information means that upon detection of tampering, the electronic device must ‘drop everything’ and perform zeroization. However, by the time tamper detection occurs, it may already be too late to enter the state where zeroization takes place. What is needed is an automated mechanism that monitors the condition of the electronic device and initiates the zeroization process in anticipation of a trigger condition without operator intervention so that critical sensitive information is not exposed.
To overcome these disadvantages of the prior art, the present invention determines if a trigger condition has occurred or is about to occur and then initiates a zeroization process to remove sensitive information before the electronic device failure would prohibit zeroizaton.
The foregoing and additional features and advantages of this invention will become apparent from the detailed description and review of the associated drawing figures that follow.